Issue in granting access to folders in Hyperion Workspace...

Similar Messages

• Users Can not Access Folders in Hyperion Workspace 11.1.2.2

  Hi,
  I have created a user "User A" with Shared Services URL with admin ID. I have given all view access to that user.
  When User A Log In in Hyperion Workspace, he is not able to see any folders even though I have given full access for that folders to User A.
  Please help me what role I have to give User A where he may be able to see his folder where he has access to it.

  Can you make sure that he is not a part of a group which has access to the folders.
  I don't think he'll be able to view the files inside if he is not having the access to view the files.
  Just see whether he can check any files in those folders.
  You can restrict the access to other folders by giving a none permission to the users. I would'nt do that if he is not having access to the files inside.
  Regards
  Celvin
  http://www.orahyplabs.com
  Please mark the responses as helpful/correct if applicable

• Permissions Issues plague remote access attempts

  I have a couple of networked IMacs in my house. They readily see and connect to each other via OS 10.5.6, being connected to the same router. Usually there are no problems copying files from one Mac to the other or saving changes in work to a second Mac
  EXCEPT...... perpetually frustrating recurrent "Permissions" barriers no matter how hard I try to give myself unrestricted access to my files on one Mac from the second one when using MS Office.
  EXAMPLE: I try to use Microsoft Office 2008 documents stored on one IMac from the 2nd IMac and am not allowed to save changes - not even when I am the owner of the accounts and documents concerned. Furthermore, these documents are opening as Read-Only even though their sharing options have been ticked on in the document settings....
  Microsoft says this is an Apple networking permissions issue and not a fault of their software. They advised me to check the appropriate "share this document" boxes within their files and this I have done. I log in as the Read/Write access owner of a given directory and still I can't save changes in MS documents unless I am operating the Mac where the file actually resides.
  Please, please, can anyone simplify the ESSENTIALS one must perform in Apple Sharing Prefs setup when trying to give one's self unrestricted access to all one's files - with full Read/Write privileges unrestricted - from a second Mac on the same local network ?

  This problem of mine tends to happen only with MS Office files. The MS Word and Excel files that always insist on opening as Read-Only (and Microsoft insisted to me this was because of an Apple Networking permissions issue !!) are within folders that in turn are within higher level folders for which the permissions ( ?? and does this not apple for the whole folder and all its enclosed files and folders ?? ) are set as "Read and Write" for me, for "others" and "everyone" as well. I figured that looked broad enough. Still, though, I am stymied from saving changes though I own the files and both computers involved !!!
  Surely Apple offers users some sort of stripped down (SIMPLE !!!) way of opening up read/write access as broadly as possible for any given networked folder whose own user and owner wishes it to have these broadest possible access permissions - so that surely I as the owner should be able to access.
  I have repeatedl;y repaired permissions but this does not seem to help. I have noticed that sometimes some individual MS documents within a folder whose folder permissions have been opened up have not recognized the broader permissions granted for the whole folder and still have bizarre restrictions.
  Don't all the files within a folder reflect automatically the permissions set for the folder itself ???
  If not, why bother opening up a folder ??

• Cannot access shared folders anymore....

  Hi,
  We have a naughty problem at the office for accessing shared folders .
  We use G5 Xserve + Xraid serving home access to 12 macs.
  Our problem started when we updated all machines to 10.5.2 (nor did we have a problem with 10.5.1 or with 10.5.0).
  All machines login correctly, fetch their folders with their home accesses located in the Xserve, as allways did, BUT :
  ·Almost all the machines running Leopard (except two) CANNOT access shared items. They get Error -5002
  ·The old machines running Tiger (G3 Imac's) acess shared items without problem.
  So after many weeks doing multiple tests, we got the following conclusions:
  ·Problem is not server related.
  ·Problem si related to Leopard clients , although not in all
  ·Problem is not related to the machine, but with the account (accounts that can access shared items do it on any machine, and accounts that can't, don't do it on any machine)
  ·It seems that the trouble is related somewhat with Kerberos authentication, but it's not related to tickets (renewing them is no use)
  ·If we create new account with new name, it can access shared items
  ·If we create new account with same name that of the faulty one (renaming the later), it CANNOT access shared items.
  We have got a problem in the office, and no clue of solving it.... Have read all over apple discussions over the internet, and although some people have similar issues, they are not as close as ours....
  And none of the solutions proposed have solved the problem.
  Any ideas would be greatly appreciated, cause we are starting to get desperate
  Thanks everyone.

  new update:
  we are able to connect to remote shared folders with a different remote server (dual G4) from every machine
  machines who can connect to local server are INTELs, the one who can't are PPCs
  makes any sense to anyone?¿

• Computer screen goes black accessing network folders

  We have a computer on our network whose screen goes black when you try to access shared folders on the network.
  When working locally it doesn't happen at all. But if you, for instance, open the run command and type in \servername and click OK it'll flash black. Or if you open a file in one of the shared folders on that server.
  This is a new one for me. Any ideas on how I could begin troubleshooting? I've verified that the only time it happens is when accessing files/folders
  shared on the server and that it only happens on that machine.

  Does your computer function properly in safe mode with networking? Follow below step if you do not know how to boot the system into safe mode
  with networking
  http://windows.microsoft.com/en-in/windows/start-computer-safe-mode#start-computer-safe-mode=windows-7  
  If your computer is working fine go to step 2 to find which program is causing
  the current issue.
  http://support.microsoft.com/kb/929135/en-us
  MCP

• Problem Granting access on Business Area to Role

  Hello everybody,
  I am trying to grant access on a Business Area to a role but when I try to do so, the role does not appear in role list. It only shows role connect and resource.
  The version of Discoverer I am using is 10.1.2.
  Anyone has the same issue?
  Phil
  Message was edited by:
  [email protected]
  Message was edited by:
  [email protected]

  Hello everybody,
  I am trying to grant access on a Business Area to a role but when I try to do so, the role does not appear in role list. It only shows role connect and resource.
  The version of Discoverer I am using is 10.1.2.
  Anyone has the same issue?
  Phil
  Message was edited by:
  [email protected]
  Message was edited by:
  [email protected]

• Grant access to DBlink

  We are facing a small issue . the problem is as follows.
  =========================================================
  1. I have two databases
       Namely
            Database1
            Database2
  2.Database2 has a table say EMP
  3.I want to select , insert update EMP from Database1
  4.Hence I have created a db link in Database1 named Dblink1
  5. I don't want to user the @ symbol (alias -- EMP@Dblink1) in my query. I just want to access directly.
  6. When I tried to give grant access from Database1 , It gives me an error.
  Please suggest how to acheive this

  5. I don't want to user the @ symbol (alias -- EMP@Dblink1) in my query. I just want to access directly.This is simply not possible to access the table which is in another database without using dblink. i..e you have to have the dblink to access the other database tables.
  >> 6. When I tried to give grant access from Database1 , It gives me an error.
  What's error you got??
  Regards,
  Sabdar Syed.

• Grant access to users from different Domains

  Hi,
  Recently my company was merged with another. All users from my company are setup in our Domain (DomainA). Sharepoint is able to see the users in this domain and grant access to the users as well. When the merger happened, we created a Group (Test - Sharepoint)
  in our AD to add groups from other companie's domain:DomainB, totally different Forest. There is a two way trust setup between these domains. The group Test-Sharepoint is "domain local" and it is able to see the groups/users from other domain: DomainB.
  The other users are now able to access our sharepoint environment once access is granted to DomainA\Test-Sharepoint.
  Problem came when we applied Audience targetting around few web parts. The users from DomainB who are added as object in DomainA\Test-Sharepoint (group in DomainA) are not able to see the web parts that have audience targeting for this group. Someone
  suggested that AD groups should be Global or Universal but that is not our case. Most of the groups in our AD are domain local and SP is able to see the users within it.
  Please suggest how we can resolve audience targeting issue?
  Regards, Kapil ***Please mark answer as Helpful or Answered after consideration***

  My apologies, yes that is correct you'll have to use Domain Local in this case. http://technet.microsoft.com/en-us/library/cc755692(v=WS.10).aspx
  Actually what you'll need to do is not use Groups in your domain at all, as the users are Foreign Security Principals. Instead, use a group in the trusted domain, or attributes of the users you intend to target directly.
  Trevor Seward
  Follow or contact me at...
  &nbsp&nbsp
  This post is my own opinion and does not necessarily reflect the opinion or view of Microsoft, its employees, or other MVPs.

• Hyperion workspace log-in issue for only one (in Shared Services) active di

  Hi All,
  This is Raj, working as Hyp support analyst.
  I have big issue in Hyperion production environment. (version No. 9.3.1)
  Issue is, we had issues with TWO active directories of Hyperion Shared Servces which ad1 and ad2. We found that the TWO respective active directories (ad1 and ad2) of their hosts are not working.
  After that we changed those two active directories hosts with new host names respectively. We have implemented these changes in DEV first and those TWO active directories user able to access Hyperion workspace (HFM users) which are under ad1 active directory. offcourse we have all the servers as well.
  But ad2 users are NOT able log-in to the Production workspace but they are able to log-in with DEV workspace.
  Not really sure what happened... (Please note that, No access is changed for any of the users)... if it is LDAP issue...how it to resolve...
  Can some one please help oout in this...
  Thank you very much in advance.
  - Thanks,
  Raj.

  Hi,
  Those error messages usually happen when Shared Services has just started up and before the other services have started, it sends out a ping to see if it gets a response from the other application servers, the pings will fail until the other services have started, once they have started them messages should disappear.
  I would check that if any changes have happened to your MSAD or the account that shared services uses.
  Cheers
  John
  http://john-goodwin.blogspot.com/

• BO authorization model with sap roles / access tot folders, functionalities

  Hi Specialists,
  As authorization cunsultant in BI, I have little knowledge of the security setup in Business Objects.
  I have to setup an authorization model were the authorizations are assigned via sap roles in the backend BI system. These roles are imported in BO were they can serv as 'user groups' and access to folders, functionalities.
  Can anyone provide me a overview, guide, training document... on how the authorizations are managed in BO and best practice when they are linked to sap backend roles.
  The goal will be to user the sap BI backend roles and user them to grant users in BO specific access to specific folders. Eg; User A can access folders 1 as "refresher only", User B is able to publish reports in folder 2, User C has only view access in folder 2...
  Any help would be great!
  Thanks very much in advance.
  rgrds
  Kristof

  Hello,
  this is the best approach you mentioned here.
  I prefer to create roles serverd as functionalities in the Backend. For Example you have a "View" role, a "Refresh" role and so on.
  On the other hand i saw some setups where there is only on role in the Backend with all the BO Users. Then you have to create you functional groups in BO and have to assign the Users there to the Groups.
  Check the Adminguide of BO XI 3.1 for more Informations.
  Regards
  -Seb.

• Signed applet - NO Grant access dialog

  I've develped a signed applet which works with the java plugin 1.3.1 and a self signed certificate. while developing i followed the description from irene67 in this forum. every thing works perfektly apart from the grant access dialog. after installing my certificate and starting my applet nothing happens appart from an file.io.exceptino (access denied)! i've tried out everything i could find in about 200 articels in several forums. but in the meantime i have no idea what i can do! may be anybody can help me!

  At some point the Plug-in switched from using the Windows Certificate Manager to using the cacerts file. If you're using Plug-in 1.3.1, then it's using the cacerts file to determine whether the jar is signed with a certificate chain that ends with a trusted ca. Use keytool to import your certificate into cacerts. If you've already tried that, then maybe list the commands that you've issued in your attempt so we can have a look.

• !!Still unresolved error #2123: BitmapData.draw(), videosampleaccess, No policy files granted access

  Hello,
  I have looked all over the forums, google etc. and not found any reliable and working solution to be able to retrieve the stream bitmapdata from RTMP  or HTTPDynamicStreaming source. Please find the details below.
  I have tried everything:
  NetStream.checkPolicyFile = true
  Security.loadPolicyFile(...);
  /applications/live/main.asc has the code below:
  application.onConnect = function( client )
      client.videoSampleAccess = "/";
      this.acceptConnection(client) ;
  The Application.xml has the tag:
  <Client>
       <access>
            <VideoSampleAccess enabled="true">/</VideoSampleAccess>
       </access>
  </Client>
  But constantly, I receive this error ( both on FMS3.5 and FMS4.0 RTMP & HttpLiveDynamicStreaming):
  securityerror:Error #2123: Security sandbox violation: BitmapData.draw: http://localhost/xxyy.swf cannot access rtmpt://localhost:1935/live. No policy files granted access.
  The problem persists wherever the player.swf is placed.
  Since I'm using OSMF the video display object had to be retrieved in the way like this:
  var mediaDisplayObjectTrait:DisplayObjectTrait;
  mediaDisplayObjectTrait = media.getTrait(MediaTraitType.DISPLAY_OBJECT) as DisplayObjectTrait;
  v = new Video(mediaDisplayObjectTrait.mediaWidth,mediaDisplayObjectTrait.mediaHeight);
  loadable.netStream.checkPolicyFile = true;
  v.attachNetStream(loadable.netStream);
  The new Video part is a must because when using ( the only working http - vod setup ) the BitmapData of the DisplayObject defaults to 320x240 even though the mediaWidth and mediaHeight properties are set fine and the video itself has much higher resolution. I must note at this point its far weird and worths another post.
  Seems like the player simply doesn't know anything about where and how to obtain any kind of policy information from the stream.
  I think this issue must be resolved once and for all, it's simply not acceptable to have this poor documentation floating around an essential feature without any professional help involved.

  You don't need crossdomain policy files, you need to do the following;
  1)      Edit the Application.xml file in the host folder, within install directory/conf/... , edit the client tag, adding the attribute override=”yes”
  <Client override=”yes”>
  In a default install of Flash Media Server, the Client class is set to prevent overriding values in the application folder. This was why the settings we were trying were not holding.
  We do not need to alter anything else of the conf Application.xml
  2)      Add the client/access nodes to the root Application.xml within the content folder  ( we have already done this as far as I am aware ).
  <Application>
    <Client>
     <Access>
      <VideoSampleAccess enabled="true">/</VideoSampleAccess>
      <AudioSampleAccess enabled="true">/</AudioSampleAccess>
     </Access>
    </Client>
  </Application>
  3)      Restart the Media Server by using the administration console. This will enable the client>access values to be overridden to true.

• FBA Not granting access to AD group users

  In my FBA setting, individual user can be granted access to sharepoint site and works fine. It is able to resolve AD group but any user within that AD group is not able to get access to the sharepoint site. Same user when added directly gets access. Since
  these AD groups have more than 2000 users it is not possible to add them individually. Is there anyway of doing it? 
  i followed this approach but it did not work.
  http://social.technet.microsoft.com/Forums/office/en-US/9592df6b-d789-49c0-b1ec-142828cdadc8/fba-ldap-domain-group-members-getting-access-denied?forum=sharepointadminlegacy
  sachin

  Ok complete answer is in the link http://social.technet.microsoft.com/Forums/office/en-US/9592df6b-d789-49c0-b1ec-142828cdadc8/fba-ldap-domain-group-members-getting-access-denied?forum=sharepointadminlegacy.
  I did not do something right in the first time .
  After editing role provider and adding the italic lines: 
  <add name="AccountRole"
                    type="Microsoft.Office.Server.Security.LdapRoleProvider,
  Microsoft.Office.Server, Version=15.0.0.0, Culture=neutral, PublicKeyToken=71e9bce111e9429c"
                    server="server"
                    port="389"
                    useSSL="false"
                    enableSearchMethods="true" 
                    groupContainer="DC=$$,DC=@@,DC=!!"
                    groupNameAttribute="cn"
                    groupNameAlternateSearchAttribute="cn"
                    groupMemberAttribute="member"
                    userNameAttribute="sAMAccountName"
                    dnAttribute="distinguishedName"
                    useUserDNAttribute="true"
                    connectionUsername="username" 
                    connectionPassword="password"
                    userFilter="&amp;(objectClass=user)(objectCategory=person)"
                    groupFilter="&amp;(objectCategory=Group)(objectClass=group)"
                    userContainer="DC=$$,DC=@@,DC=!!"
                      scope="Subtree"
  />
  Then following these steps:
  If
  you add the group in the site, you must make sure it was retrieved from the Role provided (LdapRoleProvider in your issue), but not the membership provider (LDAP in your issue)
  Things
  have started working now.
  sachin

• Grant access to terminated employee's mailbox

  How can I easily grant access to a terminated employee's mailbox including deleted items? If I have the terminated employee's mailbox on litigation hold the deleted items are in the recovery folder, but can the recovery folder only be viewed through
  e-discovery process?
  Thanks!

  Hi Viper,
  Thank you for your question.
  We could run the following command to grant full access permission on terminated user:
  Add-MailboxPermission –Identity <terminated user> -User <your name> -AccessRights FullAccess –InheritanceType all
  If I have the terminated employee's mailbox on litigation hold the deleted items are in the recovery folder, but can the recovery folder only be viewed through e-discovery process?
  A: Yes, we could be granted only viewer to the specific user, we could refer to the following link:
  https://technet.microsoft.com/en-us/library/dd298021(v=exchg.150).aspx  
  Authorized users can perform an In-Place eDiscovery search by selecting the mailboxes, and then specifying search
  criteria such as keywords, start and end dates, sender and recipient addresses, and message types. After the search is complete, authorized users can then select one of the following actions:
  Estimate search results   This option returns an estimate
  of the total size and number of items that will be returned by the search based on the criteria you specified.
  Preview search results   This option provides a preview
  of the results. Messages returned from each mailbox searched are displayed.
  Copy search results   This option lets you copy messages
  to a discovery mailbox.
  Export search results   After search results are copied
  to a discovery mailbox, you can export them to a PST file.
  If there are any questions regarding this issue, please be free to let me know. 
  Best Regard,
  Jim
  Please remember to mark the replies as answers if they help, and unmark the answers if they provide no help. If you have feedback for TechNet Support, contact [email protected]
  Jim Xu
  TechNet Community Support

• Which subsystem to grant access to proxy for executing a TSQL step?

  I want to test something while using a credential I setup.  I want to simply run a TSQL statement step in a job, and  do this as a specific proxy user.  Which subsystem do I grant the proxy to have access to?

  it should be 1 for T-SQL
  check the values using below code
  USE msdb
  GO
  EXEC sp_enum_sqlagent_subsystems
  GO
  It will list you values for various subsystems
  You can grant access as follows
  EXEC msdb.dbo.sp_grant_proxy_to_subsystem
  @proxy_name=N'Your proxy name here',
  @subsystem_id = 1
  GO
  EXEC dbo.sp_enum_proxy_for_subsystem
  Please Mark This As Answer if it helps to solve the issue Visakh ---------------------------- http://visakhm.blogspot.com/ https://www.facebook.com/VmBlogs